On Sun, Mar 2, 2014 at 1:26 PM, Alexander Dalloz ad+lists@uni-x.org wrote:
Am 02.03.2014 19:16, schrieb Joseph Spenner:
Why not just use authorized_keys with an empty pass phrase?
Because that is discouraged due to security.
+1 security, security, security -- password-less SSH keys aren't a great idea -- for some situations, they are acceptable - but overuse is bound to bite back
It's simple enough to use the ssh-agent to store your passphrase in the keyring for a designated amount of time. When I'm running GNOME, I allow the built-in ssh-agent to handle things for me ... when I'm working via gnu screen, I use ssh-agent+ssh-add.
By what you have said, it doesn't sound like you're caching things in the keyring. For a day at work, I only ever have to enter my passphrase once (unless I remotely connect to my desktop from another desktop to connect to a server). Other than a password for the root user (which I rarely use), I'm using SSH keys to authenticate.
I too am using ssh-agent and ssh-add.
I have added ssh-agent to my bash profile so it's automatically ran. From there I manually run ssh-add and enter my passphrase. Smooth sailing from there.
Alexander
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos